This commit is a part of patches extending AddressSanitizer
C++ container overflow detection capabilities by adding annotations,
similar to those existing in std::vector, to std::string and
std::deque collections. These changes allow ASan to detect cases
when the instrumented program accesses memory which is internally
allocated by the collection but is still not in-use
(accesses before or after the stored elements for std::deque,
or between the size and capacity bounds for std::string).

Trail of Bits developed this as part of a research project where
we tried to find bugs using the oss-fuzz
(using llvm-14 with our modifications) harnesses.
Now, we want to upstream the llvm-15 port of this work.

That commit adds ASan annotations to std::deque.
Every std::deque chunk (contiguous memory block used by the container)
is annotated separately and API functions from [1a/3]
are used for that purpose.

Regarding performance, the introduced changes only affect cases when
a std::deque object is created or has an element added or removed.
It is similar to std::vector in that aspect.

The commit also adds unit tests for those annotations and
a compiler-rt function,
which is used within those tests.
This function can also be used in the future to verify
the sanitization/annotation verification of other
double ended contiguous containers.

Also please note that
the is_de_contiguous_container_asan_correct function
can only verify std::deque objects whose memory is never poisoned
by elements inside.
Therefore it cannot be and is not used within the tests with
a sanitized std::basic_string implementation
(which is added in the next commit in this patch series).

Structure of our patches:
[1a/3][ASan][compiler-rt] API for double ended containers
[1b/3][ASan][compiler-rt] API for annotating objects memory
[2a/3][ASan][libcxx] std::deque annotations
[2b/3][ASan][libcxx] std::basic_string annotations
[3/3][ASan] integration test for std::deque and std::basic_string annotations

    1a -> 2a -\
               --> 3
    1b -> 2b -/

If you have any questions, please email:
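The following is an added illustration of the annotation scheme the commit describes for one std::deque chunk and of the limitation noted for the is_de_contiguous_container_asan_correct check; it is not code from this patch series, libc++ or compiler-rt. It models the shadow memory as a plain byte-granular array so it runs without ASan (real ASan shadow covers 8 bytes per shadow byte), assumes 1-byte elements, and the names ChunkModel, annotate_double_ended_container, access_ok, find_bad_address and element_poisons_own_bytes are the example's own rather than the [1a/3] API.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

constexpr std::size_t kNpos = static_cast<std::size_t>(-1);

// One deque chunk: storage bytes [0, capacity). Elements (1 byte each in this
// model) live in [con_beg, con_end); every other byte of the chunk must be
// poisoned so that an access to it is reported. Storage starts fully poisoned.
struct ChunkModel {
    std::vector<bool> poisoned;  // simulated shadow: true = poisoned
    std::size_t con_beg;
    std::size_t con_end;
    ChunkModel(std::size_t capacity, std::size_t start)
        : poisoned(capacity, true), con_beg(start), con_end(start) {}
    std::size_t capacity() const { return poisoned.size(); }
};

static void set_poison(ChunkModel& c, std::size_t b, std::size_t e, bool p) {
    for (std::size_t i = b; i < e; ++i) c.poisoned[i] = p;
}

// Shape of a double-ended container annotation call (hypothetical model): given
// the old and new in-use ranges, touch only the shadow bytes that change, as the
// container does on each push/pop rather than re-annotating the whole chunk.
void annotate_double_ended_container(ChunkModel& c,
                                     std::size_t old_beg, std::size_t old_end,
                                     std::size_t new_beg, std::size_t new_end) {
    if (old_beg == old_end || new_beg == new_end ||
        new_end <= old_beg || new_beg >= old_end) {
        // Empty or disjoint ranges: drop the old range, expose the new one.
        set_poison(c, old_beg, old_end, true);
        set_poison(c, new_beg, new_end, false);
    } else {
        // Overlapping ranges: adjust the front, then the back.
        if (new_beg < old_beg)      set_poison(c, new_beg, old_beg, false);
        else if (new_beg > old_beg) set_poison(c, old_beg, new_beg, true);
        if (new_end > old_end)      set_poison(c, old_end, new_end, false);
        else if (new_end < old_end) set_poison(c, new_end, old_end, true);
    }
    c.con_beg = new_beg;
    c.con_end = new_end;
}

// The container side: each operation moves one end of the in-use range by one
// element and re-annotates. Returns false when the chunk has no room.
bool push_back(ChunkModel& c) {
    if (c.con_end == c.capacity()) return false;
    annotate_double_ended_container(c, c.con_beg, c.con_end, c.con_beg, c.con_end + 1);
    return true;
}
bool push_front(ChunkModel& c) {
    if (c.con_beg == 0) return false;
    annotate_double_ended_container(c, c.con_beg, c.con_end, c.con_beg - 1, c.con_end);
    return true;
}
bool pop_back(ChunkModel& c) {
    if (c.con_beg == c.con_end) return false;
    annotate_double_ended_container(c, c.con_beg, c.con_end, c.con_beg, c.con_end - 1);
    return true;
}
bool pop_front(ChunkModel& c) {
    if (c.con_beg == c.con_end) return false;
    annotate_double_ended_container(c, c.con_beg, c.con_end, c.con_beg + 1, c.con_end);
    return true;
}

// What an instrumented load or store sees: touching a poisoned byte is what
// ASan reports as a container overflow.
bool access_ok(const ChunkModel& c, std::size_t i) {
    return i < c.capacity() && !c.poisoned[i];
}

// Model of the test helper's check: bytes outside [con_beg, con_end) must be
// poisoned, bytes inside must not. Returns the first offending offset, or
// kNpos when the annotations are consistent.
std::size_t find_bad_address(const ChunkModel& c) {
    for (std::size_t i = 0; i < c.capacity(); ++i) {
        bool inside = i >= c.con_beg && i < c.con_end;
        if (inside == static_cast<bool>(c.poisoned[i])) return i;
    }
    return kNpos;
}

// Models an element type that poisons some of its own bytes (as an annotated
// std::basic_string would for its unused capacity). The deque annotations are
// still right, but the chunk-level check above cannot tell that apart from a
// bug, which is the limitation the commit message notes.
void element_poisons_own_bytes(ChunkModel& c, std::size_t i) {
    c.poisoned[i] = true;
}

int main() {
    ChunkModel chunk(8, 4);  // constructed sample: 8-byte chunk, elements start at offset 4
    push_back(chunk); push_back(chunk); push_front(chunk);  // in-use range becomes [3, 6)
    std::printf("in-use [%zu, %zu) bad=%zu access(2)=%d access(3)=%d access(6)=%d\n",
                chunk.con_beg, chunk.con_end, find_bad_address(chunk),
                access_ok(chunk, 2), access_ok(chunk, 3), access_ok(chunk, 6));
    return 0;
}
```

The incremental update in annotate_double_ended_container is the part that keeps the cost proportional to the number of elements added or removed, which is why only creation, push and pop operations are affected; the final check shows why a chunk whose elements poison their own storage looks indistinguishable from a mis-annotated one to a chunk-level verifier.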